M-11 MitigationConfirmed

[code423n4]

Lines of code

Vulnerability details

Issue mitigated

About the problem

Vault.mintWithPermit uses permit functionality, which means that initiator should permit correct amount of assets. But because you provide amount of shares that you want to receive, it's not easy to calculate exact amount of assets that is needed to be approved to execute operation.

Solution

Pool together team has decided to remove mintWithPermit function from the contract.

[c4-judge]

Picodes marked the issue as satisfactory